What's up with this ?

Discussion in 'Prevx Releases' started by CloneRanger, May 24, 2011.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Hi, hope you can shed some light on this.

    Reinstalled PSOL today, & i also installed MBAM & updated it. Stopped PSOL from monitoring for 15 minutues, or so i thought :(

    pm.gif

    Oh & that's just a fraction of the almost continuous outbounds WS has logged ! At first i thought it might be MBAM doing some cloud checking, but it never has before, as i could always use it offline. So i got suspicious that it wasn't MBAM & presumed it was PSOL, which it was.

    It was showing stopped here.

    tb.gif

    Stopping PSOL caused MBAM to freeze part way into it's scan. PSOL came back on after the 15 minutes was over, but the freeze continued until i had set PSOL to stop for a further 60 minutes !

    So why didn't it take orders & Actually stop ?

    Also even though i have set a PW in PSOL, i was able to do the "supposed" stop without getting prompted for the PW ? That seems like a BIG no no to me !

    Are these bugs, or "features" ? :p

    I was in SD mode at the time & since rebooted, so i won't have a log.

    TIA
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You've put it into Install Mode, not disabled entirely. If you click the dropdown combobox, you can completely disable it although it will still scan files - it just won't block them.
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ PrevxHelp

    Well i did install it before i installed MBAM, but cancelled the PSOL initial scan as i was busy & locked my FW. I guess after unlocking my FW & installing/updating MBAM & it starting it's scan & being online, PSOL decided to do it's cancelled initial scan ?

    If so that explains that, so thanks for that :thumb:

    But why would it cause MBAM to freeze ?

    So it will still upload to your servers, even when i want to disable/STOP it for whatever reason I choose ?

    What about the PW issue ?
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Canceling the initial scan will cause problems - it needs to complete the learning scan to properly install. I recommend finishing that and then continuing. Suspending protection isn't blocked by password protection but you could hide the tray icon in configuration to prevent it from being suspended.

    MBAM loads the images of files as it scans them which causes Prevx/other AVs to scan them as if they were executing. There isn't a way around this unless MBAM redesigns some elements of their scan engine, however, it shouldn't cause the scan to freeze (it may just make Prevx scan/verify files while MBAM scans them).

    But yes, disabling/stopping protection stops the actual protection, not the monitoring/scanning in the background so it will still scan files but just not block them if found to be malicious.
     
  5. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    oh wow.. :rolleyes:
     
  6. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,388
    Location:
    Lancashire
    so you cant completely disable it then?.. :)
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You can click "Remove Protection" which is the last option in the Suspend Protection dropdown menu to fully disable it, however, we recommend against that as it could allow malware to tamper with Prevx (which is why the other options don't fully shut down the agent).
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Actually, if Prevx is password protected, if the user tries to disable Prevx protection, he/she will be prompted for the password. But, after entering the password, disabling protection and reenable, it will no longer ask for the password if the user decides to disable it again. This means malware could then disable malware blocking.

    This behavior should be changed, IMO.
     
  9. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Hi

    To me it should be the other way round !

    Thanks :thumb: i somehow missed that :( thinking just scrolling down would view more time.

    As in UnPrevx etc :D But at least the option is there = :thumb: And now i know = :thumb: So i can install MBAM that way without constant outbounds from Prevx :) Then reeable it.

    Re PW

    As i and m00nbl00d have suggested, this issue needs sorting. I'm sure you can appreciate why ;)
     
Thread Status:
Not open for further replies.